Spammers using a non-existant address as return-path
I have just received a spam complaint, and unfortunately, some spammers
have been using an address on one of my domains in their Return-Path
and From-headers. How nice of them :-( . This address has never
existed. I'm using the Exim packages from Woody.
For quite some time, I have seen it show up in my server logs, I'm
rotating them too often, I guess, and I don't remember exactly what I
have seen long ago, but recently I have seen things like:
2002-11-15 01:48:08 verify failed for SMTP recipient
firstname.lastname@example.org from <> H=mta458.mail.yahoo.com
I allow VRFY, and most of these come from yahoo.com or hotmail.com, I
guess that has to do with spam filters they use. This address is
probably getting a lot of bounces, which is then bounced off my server,
and I don't want to waste my resources with accepting those, all in all
I want to conserve as much as I can.
But, is there something I _should_ do in this situation, like including
some text in the bounce saying that this address has never existed, and
is being abused by spammers? If yes, _how_ should I do it?
I hope this is the right forum to ask...
email@example.com firstname.lastname@example.org email@example.com